An anonymous hacker claimed to have access to private user data on various services, including exchanges such as Coinbase and Binance.

According to one report, this claim appears to be true. The hacker in question has access to an account associated with the “KodexGlobal” platform, which has the power to request user information from companies.

The report details that the hacker is trading access to this account for $5,000. In addition, it offers the possibility to request emergency data from the Service of Interest (EDR) for $300.

With this access, interested parties can get information from people on LinkedIn, Discord, Tinder, SendGrid, and other services. Crypto platforms such as Binance, Coinbase and Chainlink stand out in particular.

Unlike other types of attacks, this modality does not directly compromise the security of the sites and services identified. However, the use of fake or stolen credentials allows access to customers’ private information, making them possible targets for attacks and phishing campaigns.

The KodexGlobal account is used for communications and requests related to regulators and legal agencies.

Those who have control over this account can write to any service and request information about users, citing legal justification. It is believed that access to this session was obtained through a vulnerability in the file transfer software known as MOVEit.

K. Tovar

Source: Diariobitcoin

(Reference image source: Unsplash+)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Hacker claimed to have private data of Binance and Coinbase users apareció primero en Bitfinance.

In a surprising victory against cybercrime, Huobi Global’s HTX cryptocurrency exchange has managed to recover funds stolen by a hacker in late September. In this incident, 5,000 ETH, valued at approximately USD 8 million at the time, were compromised and drained from one of HTX’s hot wallets.

However, what really stands out in this case is the unusual way in which Huobi Global recovered the funds and resolved the situation. After establishing contact with the hacker and confirming his identity, HTX opted for an extremely conciliatory solution.

They offered a 5 % reward, equivalent to about $400,000 in Ether, and agreed not to take legal action if 95% of the stolen funds were returned by the October 2 deadline.

At a time when stablecoins in the cryptocurrency world have faced considerable challenges over the past eighteen months, this successful resolution stands out as a ray of hope in the industry.

According to data provided by DeFiLlama, a crypto data provider, the total market capitalization of these digital assets has seen a 35 % drop, especially following the collapse of Terraform and its native stablecoin last year.

K. Tovar

Source: Criptotendencia

(Reference image source: Unsplash+)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Huobi Global finally managed to recover its hacked funds apareció primero en Bitfinance.

Arkham Intelligence, the leading Blockchain data analytics firm, took a bold step to track down the person responsible for the hack against FTX in 2022. The company recently launched its ARKM token and has put a price on the head of the hacker responsible, offering a generous reward of up to $46,000 for information leading to his identity.

The news about this reward was spread through the official page of Arkham Intelligence and quickly spread through various media. The company made it clear that those who provide the requested information will receive a reward of 100,000 ARKM, whose current value is estimated at around 46,000. Interested parties have until August 17 to submit information that helps identify the person responsible for the hack.

It is important to note that for the information to be valid, it must be backed by solid research backed by data from the web and credible sources. The evidence presented must be related to the attack and offer clues as to who or those responsible for it.

Recall that the attack against FTX occurred in the midst of the chaos generated by the liquidity problems and the subsequent bankruptcy declaration of the exchange. At that time, a security breach was recorded that resulted in the theft of approximately $400 million stored in customers‘ wallets. The attack occurred between November 11 and 12, when large amounts of crypto capital were withdrawn from FTX and FTX.US.

During initial investigations, FTX General Counsel Ryne Miller confirmed the existence of a hack in progress and warned users to use caution and avoid accessing the exchange to avoid downloading malware. Subsequently, other independent investigations suggested the possibility of an inside job, leading to speculation that the attacker(s) could be members of the company with access to the cold wallets.

Although the authorities and various entities in the crypto sector acted quickly and managed to freeze part of the stolen funds, the identity of the attacker(s) and the destination of the rest of the funds remain a mystery.

K. Tovar

Source: Diariobitcoin

(Reference image source: Jonathan Borba, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Blockchain firm is offering $46,000 to identify FTX hacker apareció primero en Bitfinance.

Through social networks and international media, the death of Kevin Mitnick, considered the most famous hacker in history, was confirmed.

Mitnick’s death was announced early on the social network Twitter, at age 59, after a long battle against pancreatic cancer.

His life was marked by persecutions, scandals, extensive media coverage and imprisonment in the United States, due to his knowledge and technological skills as a hacker that he developed at an early age.

Mitnik put the US judicial system to the test, prompting the creation of new laws to curb unauthorized access to digital networks and data.

With followers and detractors in the technological world, Mitnick lived through numerous ups and downs, all related to the hacking of companies and legal penalties. In fact, after being released after five years in prison, he published four books: The Art of Deception, The Art of Intrusion, A Ghost in the System, and The Art of Invisibility.

Unfortunately, it has been confirmed that Kevin Mitnick has passed away at the age of 59 after a courageous battle with pancreatic cancer. Despite many of us not wanting to believe it, various sources corroborate this sad news.

We will always remember him with a big smile. pic.twitter.com/2vAWjW078w

— DragonJAR – Seguridad Informática (@DragonJAR) July 20, 2023

M.Pino

With information from international media and social networks

(Reference image source: Twitter, @hipertextual)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Kevin Mitnick, the most famous hacker in history, has passed away apareció primero en Bitfinance.

The LockBit cybercriminal group created a version of its popular ransomware to encrypt computers running Apple’s Mac operating system, a first in its evolution so far limited to Microosft and Linux.

LockBit is a type of malware designed to encrypt the computer it infects, generally Microsoft or Linux, and prevent access to its data, also interrupting the operations of a company or organization, until now its main objectives. To release it, request a payment.

LockBit works as a ransomware-as-a-service (RaaS), and is linked to the cybercriminal group of the same name. According to Kaspersky, its members appear to “intentionally avoid attacking the local systems of Russia or any other country of the Commonwealth of Independent States”, something that has sometimes led to the belief that it is a group of Russian origin or linked to the Russian government.

An update on this group was provided by MalwareHunter researchers, who identified what they believe to be “the first LockBit build” targeting an Apple device.

The ransomware sample they have analyzed was designed for a MacOS computer with an Apple Silicon (M1) chip, as they shared via Twitter. Specifically, it appears as “locker_Apple_M1_64”.

In the explanation they offer, they point out that it was included in a package dated March 20. With the contribution of VX-Underground, they qualified that it was made public in November 2022.

Earlier this year, the LockBit group apologized after it emerged that its ransomware had attacked and encrypted the systems of a children’s hospital, claiming it was the action of a partner, who violated its rules.

Source: dpa

(Reference image source: file)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Apple is also affected by LockBit ransomware apareció primero en Bitfinance.

Metamask, the popular Ethereum wallet, issued a fraud alert after a hacker gained access to a Namecheap email account. The attacker has reportedly been sending unauthorized emails to users of the platform, asking them to reveal sensitive information, including wallet recovery phrases.

Metamask has warned its users never to reveal sensitive information through emails or messages, even if they appear to be from a trusted sender. Instead, users must directly access their wallet through the app or website and verify the authenticity of any requests through official support channels.

The Metamask team has worked with Namecheap to fix the issue and protect the security of its users. The company also asked users to report any suspicious emails or messages, so they can investigate and take additional steps to protect the security of their users.

The fraud alert is an important reminder that users need to be cautious and protect their funds and sensitive information, especially in the crypto world.

K. Tovar

Source: Cointelegraph

(Reference image source: file)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Metamask warned about a scam attempt through emails apareció primero en Bitfinance.

ESET, a leading proactive threat detection company, analyzes fraud known as the “tech support scam” that offers people a fake technical support service seeking to “solve” non-existent problems. By using various social engineering strategies, these criminals successfully trick large numbers of people that there is a problem with a system, into handing over their money or sensitive data, such as passwords and financial details.

In the United States nearly 24,000 people reported losing nearly $348 million to tech support scams in 2021, representing a 137% increase in losses from the previous year, the FBI says. However, this would not capture the magnitude of the problem, since many victims are reluctant to file the corresponding complaint. Meanwhile, separate research by Microsoft in 2021 states that three-fifths of global consumers had encountered this type of scam in the previous 12 months and “one in six fell for it”, often losing money on the process.

“The silver lining to all of this is that this is a cybercrime that can be prevented with a good dose of user awareness. By detecting the early warning signs, people can avoid falling victim to this scheme, saving a lot of time, money and possibly tears in the process”, says Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Laboratory.

Tech support scams have evolved significantly over the past decade. The first cases involved cold calls from fake tech support agents who were usually based in India and claimed to work for Microsoft, Dell, Cisco, or another technology company, including well-known security vendors. In this way, scammers would call people out of the blue and, in a more or less random fashion, try to convince them that their computer had a problem that needed to be fixed immediately for a fee. The success of these attempts were largely based on finding victims with little knowledge of how computers really work, and came to be supported by websites and Facebook pages offering “help” to users of specific products.

Over time, deceptive ads, fake pop-ups, fake support websites, and attacks involving malware-like programs began to emerge. In this way, alerts were displayed on people’s computer screens trying to convince them that something was wrong with their machine. Scams became more sophisticated and took a turn: they began luring the victim into calling the scammer (often after visiting a shady website), instead of scammers cold-calling people in a largely random way.

With information from Press Release

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Tech support scams: what to watch out for in 2023 apareció primero en Bitfinance.

WhatsApp is working on a double verification system when you log in with which it seeks to improve the privacy and security of its application in the mobile version, which consists of sending a second numerical code and notification that said account is being used on another device.

Currently, the messaging platform only has a verification system that requires the introduction of an additional six-digit PIN code before registering the account in a new terminal.

However, if a person registers a phone number in a WhatsApp account and manages to obtain the code that is sent to this number to continue with the installation process, the account present in another device is unlinked.

At present, the network is working on a new verification system for mobile devices by sending two codes to avoid cyberattacks, according to specialized media.

The latest WhatsApp beta update for iOS and Android includes a feature that introduces two-step verification. That way, when the first attempt to log into a WhatsApp account is successful, another six-digit code will be required to complete the process.

This second verification code would be sent to the primary device in case someone signs in with the same phone number on a different device. In this way, the victims will be able to know that another person is trying to impersonate their identity and steal their accounts.

This verification includes a notification that “The number is being used by WhatsApp on another phone. To make sure your account is under your control, you need to confirm another verification code.”

Also, this message informs that, to reinforce the security of the users, a timer has been introduced. The user will have to wait for it to finish in order to enter the six-digit code and complete the application installation process.

K. Tovar

Click the link to subscribe to our news and media group on Telegram: https://t.me/G_ELSUMARIO_Noticias

Source: WABetainfo

La entrada WhatsApp develops a double verification system apareció primero en Bitfinance.

Paying a ransomware ransom is perceived by managers as a reliable way of dealing with the problem, to the point that close to 90 % of companies that are victims of this cyberattack would pay if attacked again.

The cybersecurity company Kaspersky conducted a survey of 900 business executives from around the world about their attitude to the threat.

Ransomware remains a significant threat, with two-thirds (64 %) of businesses experiencing an attack. According to the report, if an organization has been a victim of ransomware in the past, they are more likely to pay a ransom in the event of a new attack (88%).

These companies are also more likely to pay as soon as possible for immediate access to their data (33 % of previously attacked companies vs. 15 % of never-victimized companies), or to pay after only a couple of days of unsuccessful decryption attempts (30 % vs. 19 %).

“Since it is about business continuity, executives are forced to make difficult decisions about paying the ransom,” Kaspersky’s vice president of corporate product marketing Sergey Martsynkyan said in a statement.

The report also shows that 66 % of companies anticipate that this attack may occur in their business at some point, considering it more likely than other types of common attacks, such as denial of service (DDoS), supply chain, advanced persistent threat (APT), crypto mining or cyber espionage.

Source: dpa

La entrada Most companies would pay ransom in case of ransomware apareció primero en Bitfinance.

The growing interest of users in the universe of cryptocurrencies and the lack of knowledge about the risks that this market presents has resulted in an increase in scams in which bitcoin investment programs are offered by email, as warned by the cybersecurity company Eset.

Criminals take advantage of the legal vacuum in this business and the general ignorance on the part of users to proceed with the massive dissemination of emails with which they intend to encourage these people to invest in non-existent funds or collect false payments.

The latter are characterized by including a message informing the user that their investment bonus is ready to be paid and that, in order to collect it, it is only necessary to register and accept payment.

Emails that are a scam

Although email services such as Outlook or Gmail are capable of filtering most of this content, others manage to sneak into the inbox and present a real and legitimate appearance, as Eset denounced in a statement.

This is one of the most abundant formats of the fraudulent system for sending emails, one more of the many tactics that cybercriminals are formalizing with the aim of getting victims to create accounts on cryptocurrency purchase and exchange platforms.

To pass them off as legitimate campaigns, hackers even include images of celebrities and alleged screenshots of covers and articles published in the media without their consent to take advantage of their popularity and attract new victims.

In this case, they can even stage a fake interview in which a person with a certain popularity talks about how his successful experience in investing in bitcoin has been.

Source: dpa

La entrada Bitcoin scams through emails continue to grow apareció primero en Bitfinance.